Microsoft
Last updated
Was this helpful?
Last updated
Was this helpful?
Follow the below steps to configure your SSO login with Microsoft:
Head to Microsoft Entra ID in your Azure Portal. Then head to Enterprise Applications.
Click on New Application.
Click on Create your own application.
Set the configuration for this app as shown in the image below.
Under the Redirect URI, select Web and add https://app.balkan.id/authn/self-service/methods/oidc/callback/microsoft-XXXXXX where XXXXXX is your Organization Name.
After filling all details as shown above, click on Register.
Head to Enterprise Applications, then search for the app previously created.
Go to Properties. Upload a logo if you want to for easier identification and set the configuration as below:
Then head to Single Sign-On. You will see an option similar to the one shown below. Click on Go to Application.
You will see the Application ID and Directory ID. Make a note of this.
Go to Certificates and Secrets and generate a new Client Secret. Generate it with a duration of 730 days (24 months).
Send the generated the Application ID,Client Secret and Directory ID and send them to BalkanID using a secure channel.
Once the SSO is enabled from the BalkanID team's end, go to the login URI: https://app.balkan.id/?oidc=microsoft-XXXXXX where XXXXXX should be your Organization Name as mentioned in Step 4. Your account will be setup!
The steps to setup Microsoft SSO for every user who previously already have a BalkanID application account (used to login via email & password or any prior SSO you already had in place) are as follows:
Go the company specific Microsoft SSO link
Sign in with email & password or any prior SSO you already had in place. Then head to "Profile" -> Setup Microsoft SSO.
Logout and log in with Microsoft SSO.
The above is just a one-time activity that needs to be carried out by every existing user. Going forward, they can just login using Microsoft SSO.
